What really impressed us was that Alert Logic was out there at the forefront from the beginning; providing visibility into traffic and services to help its cloud-based customers deliver both security and compliance with key regulations such as PCI DSS.
Mieke Kooij, Security Director
Trainline is a one-stop shop for train travel, bringing together major train companies to provide a complete set of travel options. They bring best-in- class technology to rail, making it easy for travelers to find the best price for their journey.
The Trainline website receives 30 million visits per month and the company is experiencing 100% year-on-year growth in app transaction volumes. Trainline sells a ticket every three seconds and manages an equally massive number of credit card transactions coming from all over Europe. The Trainline team is aware of the responsibilities that come with handling this volume of sensitive information. Mieke Kooij, Trainline’s Security Director, shared, “We’re trusted with a huge amount of personal data and it’s imperative that we put security first.”
The Challenge
True to its reputation of being one of the industry’s leading innovators, Trainline moved its portfolio of applications to Amazon Web Services (AWS), decommissioning its legacy brick-and-mortar production data center in the process.
The transition to AWS provided benefits such as agility, efficiency, and economy but also necessitated a change in the company’s approach to security. Trainline leveraged this move to ensure security was built into their foundations.
“Executing in the cloud requires a totally different mindset: You can’t just deploy a traditional layered architecture and expect to be protected. Being virtual turns things on their head, you need new ways to gain visibility and ensure the right level of control,” explained Kooij. “We jumped at the opportunity to implement an entirely new security architecture.”
The Alert Logic team’s analysis of our logs has really helped us to understand what our applications are telling us, and what ‘normal’ and ‘good’ states look like, which is a view that we didn’t have before. It’s great working with a specialist and leader in this space who provide continuous monitoring and visibility.
Mieke Kooij, Security Director
Solution
“There are not a lot of cloud solution providers for either intrusion prevention systems (IPS) or intrusion detection systems (IDS),” said Jerry Wozniak, Application Security Lead for Trainline. “Functions such as file integrity monitoring, or even vulnerability scanning, are more challenging in a virtual environment. We looked for solutions that were designed from the ground-up to work in the cloud and that leverage advanced APIs to fully understand the infrastructure, rather than relying on the old approach of discovery via network scans.”
A security architect on the Trainline team already was familiar with Fortra’s Alert Logic’s suite of solutions and based on those positive experiences recommended Alert Logic.
The Alert Logic solutions proved to be straightforward to implement, “Deployment is very easy: Alert Logic just about configures itself out of the box,” said Wozniak. “It saves us a lot of time and troubleshooting, we appreciate how well it works.” “The company’s solutions are specifically engineered for cloud deployments instead of taking older architectures and forcing them to work – this is exactly what we were looking for,” Kooij concurred.
Kooij added, “The Alert Logic team’s analysis of our logs has really helped us to understand what our applications are telling us, and what ‘normal’ and ‘good’ states look like, which is a view that we didn’t have before. It’s great working with a specialist and leader in this space who provide continuous monitoring and visibility.”
“We have a very close relationship with our account manager and all of our questions and concerns are dealt with very professionally and quickly,” Wozniak said. “I’m very happy with how the Alert Logic solutions work and the support we receive; the relationship has been going very well.”
Trainline’s also is working to ensure GDPR compliance. “GDPR is about far more than your technical controls, but it’s great to know that we have the right security foundations,” said Kooij.
Summary
Trainline has deployed Alert Logic across multiple infrastructures; not only for AWS-based applications but also running in one of their management data centers.
Trainline’s impressive year-over-year growth means security measures have to scale accordingly to keep pace with the increasing volumes of data. With a back-end team that provides continual monitoring, Alert Logic delivers the required scalability and provides Trainline with the critical proof points required to maintain PCI DSS compliance. “With the managed, outsourced nature of the Alert Logic service, we don’t have to spend time or worry about hiring additional resources to maintain coverage,” said Wozniak.